<?php
// +-------------------------------------------------------------------------+
// | Mobile Melody Plug-in for PHP Melody ( www.phpsugar.com )
// +-------------------------------------------------------------------------+
// | MOBILE MELODY IS NOT FREE SOFTWARE
// | If you have downloaded this software from a website other
// | than www.phpsugar.com or if you have received
// | this software from someone who is not a representative of
// | phpSugar, you are involved in an illegal activity.
// | ---
// | In such case, please contact: support@phpsugar.com.
// +-------------------------------------------------------------------------+
// | Developed by: phpSugar (www.phpsugar.com) / support@phpsugar.com
// | Copyright: (c) 2004-2012 PhpSugar.com. All rights reserved.
// +-------------------------------------------------------------------------+
session_start();

@header( 'Expires: Wed, 11 Jan 1984 05:00:00 GMT' );
@header( 'Last-Modified: ' . gmdate( 'D, d M Y H:i:s' ) . ' GMT' );
@header( 'Cache-Control: no-cache, must-revalidate, max-age=0' );
@header( 'Pragma: no-cache' );

require_once('settings.php');

// Initialize some variables
$errors = array();
$nr_errors = 0;
$logged_in = 0;

$mode = '';
$redir = '';
$mode = ($_GET['do']) ? $_GET['do'] : '';

switch($mode){ 
	default:
	case 'login':
		//	check if user is already logged in
		//	if he already is, redirect him to index page
		if(is_user_logged_in()) {
		header("Location: ". _URL_MOBI ."/index."._FEXT."");
		exit();
		}
		// get the last referer so that we can redirect the user to his last visited page after logging him in.
		$redir = $_POST['ref'];
		if( $redir === false){ 	
			$redir = "index."._FEXT;
		}

		//	check if the form has been submitted
		if( isset($_POST['Login'])) {
			$username = (get_magic_quotes_gpc()) ? stripslashes(trim($_POST['username'])) : trim($_POST['username']);
			$username = secure_sql($username);
			$pass = $_POST['pass'];

			if(empty($username) || $username == '') 
				$errors['username'] = $lang['login_msg1'];
			if(empty($pass) || $pass == '')
				$errors['pass'] = $lang['login_msg2'];
				
			if( !confirm_login($username, $pass, false) && $username != '' && $pass != ''){
				$errors[] = $lang['login_msg3'];
			}
			//	check banlist;
			$user_id = username_to_id($username);
			$ban = banlist($user_id);
			if($ban['user_id'] == $user_id && $user_id != '')
			{				
				$errors[] = sprintf($lang['login_msg16'], $ban['reason']);
			}
			$nr_errors = count($errors);
			if( $nr_errors > 0 ){
				// errors were encountered while processing form
				header("Location: ". _URL_MOBI ."/login."._FEXT."?errors=1");
				exit();
			}
			else {
				// this means everything is ok!
				// log him in.
				$remember = $_POST['remember'];

				if( is_user_account_active('', $username) == 0 )
				{
					$errors[] = $lang['login_msg4'];
				}
				else
				{
					$errors = 0;
					log_user_in($username, $pass, $remember, false);
				}
				header("Location: ". _URL_MOBI ."/".$redir);
				exit();
			}
		}
		else { 
			// show the form. 
			$redir = $redir;
			header("Location: ". _URL_MOBI ."/index."._FEXT."?login=1");
			exit();
		}
	break;
	
	
	case 'register':
		header("Location: ". _URL_MOBI ."/register."._FEXT."");
		exit();
	break;
	
	
	case 'logout':
		logout();
		header("Location: ". _URL_MOBI ."/index."._FEXT."?login=2");
	break;
}// end big Switch
exit();
?>